Skip to main content

NakedWife: No Naked Wives inside, Just an Ordinary Internet-Worm

7 March 2001

Cambridge, United Kingdom, March 7, 2001 - Kaspersky Labs, an international data-security software-development company, warns computer users of the new dangerous Internet-worm "Naked" spreading via e-mail. Kaspersky Labs has already received several reports of the worm "in-the-wild." "Naked" spreads...

Cambridge, United Kingdom, March 7, 2001 - Kaspersky Lab, an international data-security software-development company, warns computer users of the new dangerous Internet-worm "Naked" spreading via e-mail. Kaspersky Lab has already received several reports of the worm "in-the-wild."

"Naked" spreads via e-mail by sending infected messages from infected computers. While spreading, the worm uses MS Outlook and sends itself to all addresses found in the MS Outlook address book. The infected messages appear as follows:

Attached file name: NakedWife.exe
The Subject: Fw: Naked Wife
Message body:
My wife never look like that! ;-)

Best Regards,
[CurrentUser]

where [CurrentUser] is the name of the particular current user.

When run (if a user clicks on an attached infected file), the worm sends its copies by e-mail, and activates its destructive payload: it deletes all files with .INI, .LOG, .DLL, .EXE, .COM, and .BMP extensions in the Windows directory, and .INI, .LOG, .DLL, .EXE, and .BMP in the Windows system directory.

The worm does not install itself into the system, and does not tamper with the system registry. This is a "direct action" worm that performs its action only once, being activated from an infected message.

When run, the worm displays a fake window with a "Macromedia Flash Player" picture in it, and displays a "Loading", "Loading...", "Loading..." message in an endless loop.

"In this case, we are dealing with a very ordinary Internet-worm not using any unique techniques to penetrate into users' computers. Just like the vast majority of the malicious code of this type, it exploits the so-called "mind breaches" luring a user into running an infected file simply because of the intriguing name," said Denis Zenkin, Head of Corporate Communications for Kaspersky Lab.

Protection against the "Naked" worm has already been added to the KasperskyTM Anti-Virus daily anti-virus database update. More details about the worm are available at Kaspersky's Virus Encylopedia.

Kaspersky Anti-Virus can be purchased in the Kaspersky Lab online store or from a worldwide network of Kaspersky Anti-Virus distributors and resellers.

NakedWife: No Naked Wives inside, Just an Ordinary Internet-Worm

Cambridge, United Kingdom, March 7, 2001 - Kaspersky Labs, an international data-security software-development company, warns computer users of the new dangerous Internet-worm "Naked" spreading via e-mail. Kaspersky Labs has already received several reports of the worm "in-the-wild." "Naked" spreads...
Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases